43 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/port: Fixed the issue where parentport was used after freeing it in cxldetachep. The cxldetachep function is called during the bottom-up removal process, when all CXL memory devices beneath a switch port have been removed...
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in the Linux kernel. A denial-of-service attack may occur if a consecutive request for NVMEIOCTLRESET and NVMEIOCTLSUBSYSRESET is made through the device file of the driver, resulting in a disconnection of the PCIe link...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/pmem: Fixed leaks in cxlpmemregion and cxlmemdev. When a cxlnvdimm object undergoes an -remove operation where the device is physically removed, nvdimmbridge is disabled, or the nvdimm device is disabled, any associated...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed the validation of region HPA ordering. Some regions may not have any address space allocated. Skip these regions when validating HPA order; otherwise, a crash similar to the following may occur: devmcxladdregion...
CVE-2026-31530 cxl/port: Fix use after free of parent_port in cxl_detach_ep()
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011098)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011098 advisory. In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in...
CVE-2026-23348
A flaw was found in the Linux kernel, specifically within the CXL Compute Express Link and NVDIMM Non-Volatile Dual In-line Memory Module subsystems. A race condition can occur when NVDIMM objects attempt to reprobe after the cxlacpi module is removed, while the nvdimmbus object is missing. This...
CVE-2026-23327
The CVE-2026-23327 issue is a Linux kernel vulnerability in the CXL mailbox driver (cxl/mbox). The root cause is that cxl_payload_from_user_allowed() casts and dereferences the user payload without validating its size, allowing an undersized mailbox command to trigger a read past the allocated bu...
USN-8029-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
USN-8029-3 linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
USN-8048-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
Linux Distros Unpatched Vulnerability : CVE-2023-54323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature...
CVE-2023-54323 cxl/pmem: Fix nvdimm registration races
In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...
CVE-2023-54323 cxl/pmem: Fix nvdimm registration races
In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...
CVE-2022-50481
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in cxlregisterafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-dere...
CVE-2022-50481 cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in cxlregisterafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-dere...
PT-2025-37498
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the cxl subsystem where a null pointer dereference may occur in the cxl pci init afu|adapter function. Specifically, if device register fails, the...
Linux Distros Unpatched Vulnerability : CVE-2022-49896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix cxlpmemregion and cxlmemdev leak When a cxlnvdimm object goes through a -remov...